Agenda item - Response to Forthcoming General Data Protection Regulation

skip navigation and tools

Agenda item

Response to Forthcoming General Data Protection Regulation

Report of the Executive Director, Finance & Resources

Decision:

That the Committee:

 

1)            Approves the preferred option of a ‘Hub and Spoke’ model to ensure that accountability for successful compliance with the forthcoming GDPR and UK Data Protection Bill 2017 is in place.

 

2)            Approves capital funding for 2017/18 and 2018/19 of up to £644,000 and the  commitment of £90,000 per annum from  2019/20 in the revenue budget – these costs are to cover  investment in Information Asset Administrator employment, software development, and project management resources as detailed within the options appraisal and business case in Annex A.

 

3)            Delegates authority to the Executive Director of Finance and Resources to take all steps necessary to implement the GDPR strategy. 

Minutes:

71.1      The Committee considered a report of the Executive Director, Finance & Resources that informed the Committee of the forthcoming changes to Data Protection regulations, the impact these will have on the Council’s operations, and the proposed approach to mitigating the associated risks. At the heart of this is the General Data Protection Regulation (GDPR) which comes into effect in May 2018.

 

71.2      Councillor Sykes stated his concern regarding the significant capital funding that would be required and asked if officers should lobby ministers for new burden funding. Councillor Sykes asked if the capital funding request was included in the draft budget papers or would be subject to agreement by the committee.

 

71.3      The Executive Director, Finance & Resources replied that significant comment had been made nationally however; the proposals and investment had been deemed necessary to protect personal data, and avoid censure and financial penalties from the Information Commissioner’s Office (ICO) in the event of failure. The Executive Director, Finance & Resources added that an element of the capital funding was contained in the budget proposals however; the revenue element could not currently be accounted for as this would occur in future years. The Executive Director, Finance & Resources stated that there was still some uncertainty about the impact of the regulation and clarified that it would be monitored closely by the Audit & Standards Committee under its responsibility for Information Governance.

 

71.4      Councillor Mac Cafferty noted the National Cyber Security Centre had provided a series of recommendations for local authorities to work on, one of which was that it was included on the risk register and he was pleased to hear confirmation that this had happened. Councillor Mac Cafferty stated that going forward, it was essential to know how other authorities were managing the change and how information could be shared to ensure implementation of the regulation was not drastically overspent.

 

71.5      The Executive Director, Finance & Resources clarified that the Orbis Partnership provided an excellent opportunity to share information and a network of intelligence that could be exploited.

 

71.6      RESOLVED- That the Committee:

 

1)            Approves the preferred option of a ‘Hub and Spoke’ model to ensure that accountability for successful compliance with the forthcoming GDPR and UK Data Protection Bill 2017 is in place.

 

2)            Approves capital funding for 2017/18 and 2018/19 of up to £644,000 and the  commitment of £90,000 per annum from  2019/20 in the revenue budget – these costs are to cover  investment in Information Asset Administrator employment, software development, and project management resources as detailed within the options appraisal and business case in Annex A.

 

3)            Delegates authority to the Executive Director of Finance and Resources to take all steps necessary to implement the GDPR strategy. 

Supporting documents:

 


Brighton & Hove City Council | Hove Town Hall | Hove | BN3 3BQ | Tel: (01273) 290000 | Mail: info@brighton-hove.gov.uk | how to find us | comments & complaints